Quick question for wi-fi techies

[RCR]

I'm staying in a guest house in Second Road at the moment. The Wi-Fi is pathetic. But my computer found two very strong wi-fi connections that look like "TP-LINK_AP_******". I clicked on one and got a good connection to the internet without a password.

 

Is this some sort of private router someone has set up with no protection? Can they detect me or see my files?

[zenzen11]

Yes, it is someone's private router ... Set up with no protection.

Yes, they can detect your computer... If they bother to look at the router.

 

Also easy to see your web traffic ..

 

The reverse is also true ... You can see them if you can access their router configurations ... Since they have no password on the connection there is a good chance they also have no password on the router config. This is very easy to do ..

 

Can they see your files? .. That depends on how you have your security settings configured on your computer.

You are (kind of) safe if you connect to the router as PUBLIC ( not HOME) ...

 

Either they do not care of you connect ... And just like to share ( this is what I do with my fiber connection) ..

OR ... They are hoping people connect so they can try to hack in to your PC .. This takes ( a little) skill/expertise to do ...

 

I connect to routers like this all the time .. But, I do know what I a doing ... And have a ( little) experience in protecting my PC from others.

 

[RCR]

Yes, it is someone's private router ... Set up with no protection. Yes, they can detect your computer... If they bother to look at the router. Also easy to see your web traffic .. The reverse is also true ... You can see them if you can access their router configurations ... Since they have no password on the connection there is a good chance they also have no password on the router config. This is very easy to do .. Can they see your files? .. That depends on how you have your security settings configured on your computer. You are (kind of) safe if you connect to the router as PUBLIC ( not HOME) ... Either they do not care of you connect ... And just like to share ( this is what I do with my fiber connection) .. OR ... They are hoping people connect so they can try to hack in to your PC .. This takes ( a little) skill/expertise to do ... I connect to routers like this all the time .. But, I do know what I a doing ... And have a ( little) experience in protecting my PC from others.

Thank you for a quick and clear response.

[rainman333]

they can detect you but most likely they won't know you are on unless you go crazy and start downloading/uploading/torrenting/ video streaming/ skyping, basically anything that takes alot of bandwidth.

 

they can see your files if you have any publicly shared folders......

 

they can also see anything you type in like passwords , credit card info, etc, but that would require having network sniffers etc, not something a normal person would have running....

[zenzen11]

they can detect you but most likely they won't know you are on unless you go crazy and start downloading/uploading/torrenting/ video streaming/ skyping, basically anything that takes alot of bandwidth.

 

they can see your files if you have any publicly shared folders......

 

they can also see anything you type in like passwords , credit card info, etc, but that would require having network sniffers etc, not something a normal person would have running....

 +1

 

All exactly correct.

[nyum_nyum]

You could use an encrypted VPN

[Little Evil]

I used to know this IT guy who always had a laptop with him. If he found an open network, first thing he would do was check the router to see if it was open. If it was open, he'd put all sorts of crazy restrictions on it, like time of day/use, IP blocking for common websites, etc. He'd also check shared folders and see how far into the other computer he could go. He was kind of a dick that way. Knowing there are people out there like him would make me think twice about using open wifi. Who knows if someone is setting up a honeypot for usernames/passwords. In the 1/1000 chance that the connection is a set up, I wouldn't risk it when traveling that far from home.

 

Good news is that there are plenty of alternative options these days. You could look into a travel router/wifi extender for future trips. There are also hi-gain USB antenna. Lastly, 3G is pretty cheap in Thailand, so you could also look into a hotspot if you are there long enough.  

[coolsmoe]

they can also see anything you type in like passwords , credit card info, etc, but that would require having network sniffers etc, not something a normal person would have running....

 

Heu? Not if the connection is secure ('the green lock'), like almost all websites have when it comes to payments etc...

[Little Evil]

Heu? Not if the connection is secure ('the green lock'), like almost all websites have when it comes to payments etc...

 

 

Heartbleed.

[coolsmoe]

LOL, please don't make a fool of yourself.

[Little Evil]

LOL, please don't make a fool of yourself.

 

 

Seriously? You're naive to think OpenSLL is bulletproof. 

[coolsmoe]

This topic has nothing to do with openssl! Or do you think the topic starter is running a web server on his pc configured with openssl? (Openssl isn't used by Microsoft btw.) If he does, he's probably a linux guy anyway and then he would know what the consequences are.

 

This topic is about someone asking how vulnerable he is connecting to an unprotected access point and what the owner of the AP can see on his pc and heartbleed has nothing to do with that.

[Little Evil]

Sigh... this topic has nothing to do with openssl! Or do you think the topic starter is running a web server on his pc configured with openssl? (Openssl isn't used by Microsoft btw.) If he does, he's probably a linux guy anyway and then he would know what the consequences are.

 

This topic is about someone asking how vulnerable he is connecting to an unprotected access point and what the owner of the AP can see on his pc and heartbleed has nothing to do with that.

 

I'm starting to get the picture that you have no idea what you are talking about.  The "green lock" isn't proof of secure connection. It is just proof that the site you are visiting is the site you intend to visit.  It is a validation tool for site certificates, that's all.  It is typically used in conjunction with secure connections, otherwise known as OpenSSL, which does have a Windows variant for your information. You brought up secure connections, so why are you saying it isn't what you are talking about.  You're the one giving out the flat out wrong advice that as long as a website has a "green lock" then it is safe. I'm merely pointing out that is no longer valid due to new found Heartbleed exploits. Given your know-it-all attitude, I'm surprised I have to spell this out for you.  

[coolsmoe]

Reread what I have been saying in light of what the TS question was. He is not vulnerable for heartbleed when he logs into an unprotected AP. teButcher started mumbling about: "they can also see anything you type in like passwords , credit card info, etc, but that would require having network sniffers etc, not something a normal person would have running...." There I responded that it's not possible with a secure connection (for the normal user: when the green lock is there).

 

And then you came with heartbleed which has nothing to do with it.

 

Ah well, I broke one of my rules after almost 20 years of being a system and network administrator. "Don't argue with users, just nod and smile."

[Little Evil]

Reread what I have been saying in light of what the TS question was. He is not vulnerable for heartbleed when he logs into an unprotected AP. teButcher started mumbling about: "they can also see anything you type in like passwords , credit card info, etc, but that would require having network sniffers etc, not something a normal person would have running...." There I responded that it's not possible with a secure connection (for the normal user: when the green lock is there).

 

And then you came with heartbleed which has nothing to do with it.

 

Ah well, I broke one of my rules after almost 20 years of being a system and network administrator. "Don't argue with users, just nod and smile."

 

You're only telling half the story that validates your point.  The other half that you leave out is that just because a site as a "green lock" doesn't mean the user is secure. I could put a "green lock" on any website I care to create.  Doesn't mean it is secure. Just means "mywebsite.com" is actually "mywebsite.com" and not "myw3bsit3.com". You you basically said look for a green lock and you're all set. That is dangerously wrong to teach people. 

 

I will admit thought that my heartbleed reference was only in context of secure connections in general.  I was just trying to say that secure connections aren't the end all anymore.  Going back a looking at your point, I will concede that there is no immediate way that one can use Heartbleed to target a single person's input. 

[coolsmoe]

Here is the complete explanation: https://support.mozilla.org/en-US/kb/how-do-i-tell-if-my-connection-is-secure

 

For users purposes, green means good to go.

 

Because of heartbleed, openSSL connections are now more secure then before. 555 (ok ok, to be more correct, server memory is now a safer place then before... :-))

[Esap]

The key when using other peoples WiFi is having sharing turned of basically.

If you want to be secure, then as stated before use a VPN tunnel.

 

SSL is just proof that you have an SSL connection yes, but that also means that you passwords and login info is not sent in plain text over the network. So if i for some reason would be running a sniffer, like say Ettercap on a network and you were logging in with SSL I wouldn't see you username and password; if you were not using SSL then I'd have you login info in a snap.

 

Seriously though, few people are out there running Ettercap on a regular basis, so I wouldn't worry if I were you.

Heartbleed is not related to this, has nothing really do with this attackvector.

Hearbleed is for dumping SSL server memory, we are talking about attacking a client.

A client is not vunerable for this kind of attack, not relevant really.